[CODE] 2009-03-25,12:45:59 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Realtek Semiconductor Corp., 2.1.2.9, C:2008-01-07 10:40 M:2007-03-21 14:49] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00|(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] [(Verified)N/A, C:2007-02-06 19:39 M:2009-02-09 13:18] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00|(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] <360Safetray> [(Verified)360安全中心, 5, 0, 0, 1013, C:2009-02-20 16:43 M:2009-02-20 16:43] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-03-14 18:56 M:2009-03-14 18:51] <%systemroot%\system32\dumprep 0 -k> [N/A, ] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc., 0.1.0.3536, C:2008-01-07 10:49 M:2008-01-07 10:49] <"C:\Program Files\Rising\Rfw\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-03-17 00:23 M:2009-03-17 00:22] [HKEY_CURRENT_USER\Control Panel\Desktop] [Microsoft Corporation, 6.0.5308.17 (winmain_idx01.060217-2200), C:2006-03-01 04:53 M:2006-03-01 04:53] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2009-03-24 18:40 M:2009-03-17 19:16] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> 
[N/A, C:2009-03-24 18:40 M:2009-03-17 19:16] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\江汉地区便民 供求 招聘 出租 进入江汉百事通] <> [N/A, C:2006-01-04 00:21 M:2006-01-04 00:21] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00|(Verified)N/A, C:2002-01-03 05:30 M:2004-08-17 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00|(Verified)N/A, C:2002-01-03 05:31 M:2004-08-17 20:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [(Verified)ShenZhen Thunder Networking Technologies,LTD, 5,8,12,689, C:2009-03-24 18:40 M:2009-03-17 19:22] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}] <江汉伴侣> [] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2002-01-03 06:10 M:2007-05-30 08:28] [NvCpl DesktopContext Class] 
{A70C977A-BF00-412C-90B7-034C51DA2439} [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2007-02-06 19:39 M:2009-02-09 13:18] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2007-02-06 19:39 M:2009-02-09 13:18] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2007-02-06 19:39 M:2009-02-09 13:18] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [RealNetworks, Inc., 1.0.1.2263, C:2008-01-07 10:49 M:2008-01-07 10:49] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] Protocols [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} [酷狗, 5.2.4.4, C:2009-03-14 19:12 M:2008-11-20 08:33] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-03-24 18:40 M:2009-03-17 19:21] [BandIE Class] {77FEF28E-EB96-44FF-B511-3185DEA48697} [(Verified)Baidu.com, Inc., 2, 0, 2, 183, C:2009-03-24 18:40 M:2009-02-23 13:30] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-03-24 18:40 M:2009-03-17 19:22] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] ToolBar [百度工具栏] {B580CF65-E151-49C3-B73F-70B13FCA8E86} [(Verified)Baidu.com, Inc., 2, 0, 2, 183, C:2009-03-24 18:40 M:2009-02-23 13:30] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-03-24 18:40 M:2009-03-17 19:21] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} 
[(Verified)Thunder Networking Technologies,LTD, 6, 0, 5, 49, C:2009-03-24 18:40 M:2009-03-17 19:22] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [ShenZhen Thunder Networking Technologies,LTD, 2, 1, 9, 102, C:2009-03-24 18:40 M:2009-03-17 19:20] [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2009-03-24 18:40 M:2009-03-17 19:21] [BandIE Class] {77FEF28E-EB96-44FF-B511-3185DEA48697} [(Verified)Baidu.com, Inc., 2, 0, 2, 183, C:2009-03-24 18:40 M:2009-02-23 13:30] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-03-24 18:40 M:2009-03-17 19:22] [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 2, 3, 5810, 141, C:2009-03-24 18:40 M:2009-03-17 19:21] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 2, 3, 5810, 141, C:2009-03-24 18:40 M:2009-03-17 19:21] [百度工具栏] {B580CF65-E151-49C3-B73F-70B13FCA8E86} [(Verified)Baidu.com, Inc., 2, 0, 2, 183, C:2009-03-24 18:40 M:2009-02-23 13:30] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,47,0, C:2002-01-03 05:30 M:2007-07-11 14:24] [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 4, C:2007-08-14 18:27 M:2007-08-14 18:27] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [(Verified)ShenZhen Thunder Networking Technologies,LTD, 2, 1, 58110, 250, C:2009-03-24 18:40 M:2009-03-17 19:21] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing 
Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2002-01-03 06:10 M:2007-05-30 08:28] ======================================== 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] [Remote Access Connection Manager / RasMan][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00|Microsoft Corporation, 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343), C:2002-01-03 05:31 M:2007-07-11 17:24] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:54] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-03-14 18:55 M:2009-03-14 18:54] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-17 00:23 M:2009-03-17 00:22] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-17 00:23 M:2009-03-17 00:22] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"C:\Program Files\Rising\Rfw\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-03-17 00:23 
M:2009-03-17 00:22] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:56 M:2009-03-14 18:51] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-03-14 18:55 M:2009-03-14 18:50] ======================================== 驱动 [BdGuard / BdGuard][Running/Boot Start] [Copyright (C) 2005, 1, 0, 12, 0, C:2009-03-24 18:40 M:2009-03-24 18:40] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2002-01-03 05:31 M:2008-06-20 18:45] [AMD Processor Driver / AmdK8][Running/System Start] [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2007-07-30 14:47 M:2006-12-01 03:22] [ati2mtag / ati2mtag][Stopped/Manual Start] [(Verified)ATI Technologies Inc., 6.14.10.6462, C:2002-01-03 05:40 M:2004-08-16 16:24] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6, C:2009-03-14 18:56 M:2009-03-14 18:54] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 52, C:2009-03-14 18:56 M:2009-03-14 18:51] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5391 built by: WinDDK, C:2008-01-07 10:40 M:2007-03-26 19:21] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 
(XPClient.010817-1148), C:2002-01-03 05:31 M:2004-08-17 20:00] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2, C:2009-03-17 00:23 M:2009-03-17 00:22] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.4, C:2009-03-17 00:23 M:2009-03-17 00:22] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.46, C:2009-03-17 00:23 M:2009-03-17 00:22] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:52] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys> [(Verified)360安全中心, 2, 3, 0, 1010, C:2009-03-03 18:15 M:2009-03-03 18:15] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2002-01-03 05:31 M:2007-11-13 18:25] [TesDrvPt / TesDrvPt][Running/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [(Verified)TENCENT, 1.0.4 built by: WinDDK, C:2009-03-14 18:48 M:2009-03-14 18:48] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 0, 9, 6, C:2009-03-14 18:48 M:2009-03-25 11:53] [NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start] [(Verified)Marvell, 8.61.2.3 built by: WinDDK, C:2008-01-07 10:43 M:2006-11-02 08:01] ======================================== 进程 [PID: 920 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] [PID: 980 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 
M:2004-08-17 20:00] [PID: 1004 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1048 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1060 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\system32\wdigest.dll [Microsoft Corporation, 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516), C:2002-01-03 05:31 M:2007-07-11 17:24] [PID: 1220 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1308 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1432 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 
M:2009-03-14 18:54] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1452 / SYSTEM] C:\Program Files\Rising\Rfw\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1460 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\System32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\System32\rasmans.dll [Microsoft Corporation, 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343), C:2002-01-03 05:31 M:2007-07-11 17:24] [PID: 1572 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] 
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1664 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1708 / SYSTEM] C:\Program Files\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.80, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 
21.0.0.0, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-03-17 00:23 M:2009-03-17 00:23] C:\Program Files\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:16 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:16 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-17 00:23 M:2009-03-17 
00:22] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-17 00:23 M:2009-03-17 00:22] [PID: 1828 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-14 18:56 M:2009-03-16 13:01] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31, C:2009-03-14 18:56 M:2009-03-24 20:57] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 
21, 0, 0, 22, C:2009-03-14 18:56 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-03-14 18:56 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-14 18:56 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12, C:2009-03-14 18:56 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-03-14 18:56 M:2009-03-16 13:01] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 20, 
C:2009-03-14 18:56 M:2009-03-14 18:51] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:46] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:46] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-14 18:56 M:2009-03-14 18:53] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:46] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program 
Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 25, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-14 18:55 M:2009-03-24 17:01] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:51] [PID: 1896 / SYSTEM] C:\Program 
Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15, C:2009-03-14 18:56 M:2009-03-16 13:01] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2009-03-14 18:56 M:2009-03-16 13:01] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 272 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2002-01-03 05:31 M:2007-07-11 17:24] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 356 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] D:\Program 
Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 16:44] C:\Program Files\WinRAR\rarext.dll [N/A, C:2002-01-03 06:10 M:2007-05-30 08:28] C:\WINDOWS\system32\nvcpl.dll [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\nvshell.dll [N/A, C:2007-02-06 19:39 M:2009-02-09 13:18] E:\新建文件夹 (2)\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120, C:2009-03-24 18:40 M:2009-03-17 19:22] E:\新建文件夹 (2)\Components\ResWorker\DsBho_00.dll [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2009-03-24 18:40 M:2009-03-17 19:20] E:\新建文件夹 (2)\Components\ResWorker\DataProcessor_00.dll [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2009-03-24 18:40 M:2009-03-17 19:20] E:\新建文件夹 (2)\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34, C:2009-03-24 18:40 M:2009-03-17 19:21] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] [PID: 744 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 812 / Administrator] C:\WINDOWS\RTHDCPL.EXE [(Verified)Realtek 
Semiconductor Corp., 2.1.2.9, C:2008-01-07 10:40 M:2007-03-21 14:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] [PID: 884 / Administrator] C:\WINDOWS\system32\RUNDLL32.EXE [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\WINDOWS\system32\NvMcTray.dll [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.8206, C:2007-02-06 19:39 M:2009-02-09 13:18] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] [PID: 944 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-19 19:40] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] 
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-03-14 18:55 M:2009-03-14 18:54] [PID: 1244 / Administrator] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program 
Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 71, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-19 19:40] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2009-03-14 18:55 M:2009-03-16 13:01] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.93, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22, C:2009-03-14 18:56 M:2009-03-24 14:01] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information 
Technology Co., Ltd., 21.0.0.15, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-14 18:56 M:2009-03-14 18:51] [PID: 1268 / SYSTEM] C:\Program Files\Rising\Rfw\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-17 00:23 M:2009-03-19 19:39] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 36, C:2009-03-17 00:23 M:2009-03-17 00:22] [PID: 1868 / Administrator] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [RealNetworks, Inc., 0.1.0.3536, C:2008-01-07 10:49 M:2008-01-07 10:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 1640 / Administrator] C:\Program 
Files\Rising\Rfw\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-17 00:23 M:2009-03-19 19:39] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-17 00:23 M:2009-03-17 00:22] 
C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 71, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rfw\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14, C:2009-03-17 00:23 M:2009-03-17 00:23] C:\Program Files\Rising\Rfw\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 9, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-17 00:23 M:2009-03-17 00:22] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-17 00:23 M:2009-03-17 00:22] [PID: 644 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11, C:2009-03-14 18:55 
M:2009-03-14 18:54] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.11, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.23, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.39, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\RSAPPMGR.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:46] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:46] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:46] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\mvengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information 
Technology Co., Ltd., 21, 0, 0, 25, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9, C:2009-03-14 18:55 M:2009-03-24 17:01] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1, C:2009-03-14 18:55 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3, C:2009-03-14 18:55 M:2009-03-14 18:51] [PID: 608 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 972 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 
(xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 3880 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] [PID: 3056 / Administrator] C:\WINDOWS\system32\wuauclt.exe [(Verified)Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330), C:2002-01-03 05:57 M:2008-10-16 14:09] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] [PID: 2724 / Administrator] D:\Tencent\QQ.exe [(Verified)TENCENT, 8,0,1249,1853, C:2008-11-28 11:32 M:2008-11-28 11:32] D:\Tencent\QQBaseClassInDll.dll [(Verified)TENCENT, 8,0,1249,1853, C:2008-11-13 15:41 M:2008-11-13 15:41] D:\Tencent\QQHelperDll.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 16:04 M:2007-09-17 16:04] D:\Tencent\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,1248,1851, C:2007-09-17 15:02 M:2007-09-17 15:02] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] D:\Tencent\QQAPI.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:53 M:2007-09-17 14:53] D:\Tencent\LoginCtrl.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:51 M:2007-09-17 14:51] D:\Tencent\LoginCtrlRes.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:51 M:2007-09-17 14:51] D:\Tencent\QQRes.dll [(Verified)TENCENT, 8,0,978,1833, C:2008-11-27 14:53 M:2008-11-27 14:53] D:\Tencent\QQMainFrame.dll [(Verified)TENCENT, 8,0,1249,1853, C:2008-12-10 15:02 M:2008-12-10 
15:02] D:\Tencent\UnReadMsgMgr.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 15:00 M:2007-09-17 15:00] D:\Tencent\QQAllInOne.dll [(Verified)TENCENT, 8,0,1249,1853, C:2008-11-27 15:07 M:2008-11-27 15:07] D:\Tencent\SCCore.dll [(Verified)TENCENT, 1, 6, 0, 2, C:2007-09-17 14:59 M:2007-09-17 14:59] D:\Tencent\CameraDll.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 15:03 M:2007-09-17 15:03] D:\Tencent\CQQApplication.dll [(Verified)TENCENT, 8,0,1249,1853, C:2008-11-27 16:00 M:2008-11-27 16:00] D:\Tencent\FlashAvatarDll.dll [(Verified)版权所有 (C) 2008, 1, 0, 0, 1, C:2007-09-17 14:50 M:2007-09-17 14:50] D:\Tencent\NewSkin.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:52 M:2007-09-17 14:52] D:\Tencent\MailSummary.dll [(Verified)TENCENT, 8,0,1234,1851, C:2007-09-17 14:51 M:2007-09-17 14:51] D:\Tencent\QQSpace.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:57 M:2007-09-17 14:57] C:\WINDOWS\system32\macromed\flash\Flash9d.ocx [(Verified)Adobe Systems, Inc., 9,0,47,0, C:2002-01-03 05:30 M:2007-07-11 14:24] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2002-01-03 05:30 M:2004-08-17 20:00] D:\Tencent\QQAvatar.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:53 M:2007-09-17 14:53] D:\Tencent\OEMApplication.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:52 M:2007-09-17 14:52] D:\Tencent\QQKnowledgeSearch.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:55 M:2007-09-17 14:55] D:\Tencent\QQGroupMng.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:55 M:2007-09-17 14:55] D:\Tencent\QQPlugin.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:56 M:2007-09-17 14:56] D:\Tencent\QQSysMsgMng.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:58 M:2007-09-17 14:58] D:\Tencent\UserDefinedHead.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 15:01 M:2007-09-17 15:01] D:\Tencent\QQConfigPlugin.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:53 M:2007-09-17 14:53] D:\Tencent\QQCustomFace.dll [(Verified)TENCENT, 8,0,1249,1853, 
C:2007-09-17 14:54 M:2007-09-17 14:54] D:\Tencent\QRingMng.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:58 M:2007-09-17 14:58] D:\Tencent\LongConnection.dll [(Verified)TENCENT, 8,0,1249,1851, C:2007-09-17 15:05 M:2007-09-17 15:05] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] D:\Tencent\PhoneAPI.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:52 M:2007-09-17 14:52] D:\Tencent\DialerAllinOne.dll [(Verified)tencent, 1, 4, 0, 0, C:2007-09-17 14:50 M:2007-09-17 14:50] D:\Tencent\QQPet.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:56 M:2007-09-17 14:56] D:\Tencent\BQQApplication.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:49 M:2007-09-17 14:49] D:\Tencent\CommercesMng.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:49 M:2007-09-17 14:49] D:\Tencent\PersonalDesktop.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 15:06 M:2007-09-17 15:06] D:\Tencent\QQAddr.dll [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2007-09-17 15:06 M:2007-09-17 15:06] D:\Tencent\QQSceneMng.dll [(Verified)TENCENT, 8,0,1249,1853, C:2007-09-17 14:57 M:2007-09-17 14:57] D:\Tencent\AddrSearch.dll [(Verified)腾讯科技(深圳)有限公司, 2, 2, 1, 27, C:2007-09-17 14:49 M:2009-02-16 12:47] [PID: 2428 / Administrator] D:\Program Files\Tencent\TXPlatform.exe [(Verified)Tencent, 1, 5, 225, 0, C:2008-05-20 17:53 M:2008-05-20 17:53] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] [PID: 880 / Administrator] C:\WINDOWS\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:30 M:2004-08-17 20:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 
M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] [PID: 2408 / Administrator] F:\音乐\新建文件夹\新建文件夹\KuGou2008\KuGoo.exe [酷狗音乐, 5.3.29.330, C:2009-02-20 20:23 M:2009-01-22 15:20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] F:\音乐\新建文件夹\新建文件夹\KuGou2008\kgplaycomm.dll [N/A, C:2009-02-20 20:23 M:2009-01-21 13:17] F:\音乐\新建文件夹\新建文件夹\KuGou2008\InExtend\kg_ksout.dll [N/A, C:2009-02-20 20:23 M:2009-01-21 13:17] C:\WINDOWS\system32\macromed\flash\Flash9d.ocx [(Verified)Adobe Systems, Inc., 9,0,47,0, C:2002-01-03 05:30 M:2007-07-11 14:24] F:\音乐\新建文件夹\新建文件夹\KuGou2008\msdmo.dll [Microsoft Corporation, 6.03.01.0400, C:2009-02-20 20:23 M:2008-11-20 08:33] F:\音乐\新建文件夹\新建文件夹\KuGou2008\cdread.dll [N/A, C:2009-02-20 20:23 M:2008-11-20 08:33] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 16:44] F:\音乐\新建文件夹\新建文件夹\KuGou2008\SkinRes.dll [N/A, C:2009-02-20 20:23 M:2009-01-18 15:20] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:14 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.66, C:2009-03-14 18:56 M:2009-03-24 20:57] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] [PID: 3272 / Administrator] C:\Program Files\Rising\Rav\RsMain.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\WINDOWS\system32\MSVCR71.dll [Microsoft 
Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\rspalmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\RsGuiLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 71, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ravbmenu.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 16, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4, C:2009-03-14 18:55 M:2009-03-19 19:40] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2009-03-14 18:55 M:2009-03-16 13:01] C:\Program Files\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\Program Files\Rising\Rav\ravpsafe.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 21.0.0.25, C:2009-03-14 18:56 M:2009-03-24 00:03] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\psafecfg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19, C:2009-03-14 18:55 M:2009-03-14 18:52] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.18, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\Program Files\Rising\Rav\ravxpage.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 84, C:2009-03-14 18:56 M:2009-03-19 19:40] C:\Program Files\Rising\Rav\ravxmons.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24, C:2009-03-14 18:56 M:2009-03-14 18:51] C:\Program Files\Rising\Rav\ravptool.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\Program Files\Rising\Rav\log2file.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.8, C:2009-03-14 18:56 M:2009-03-24 00:03] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 
0, 4, C:2009-03-14 18:55 M:2009-03-14 18:50] [PID: 600 / Administrator] C:\Program Files\Rising\Rav\RsAgent.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17, C:2009-03-14 18:56 M:2009-03-14 18:52] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46, C:2009-03-14 18:55 M:2009-03-14 18:54] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2002-01-03 05:30 M:2007-07-11 17:25] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2009-03-14 18:55 M:2009-03-14 18:50] C:\WINDOWS\msagent\AgentMPx.dll [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:55 M:1998-09-15 17:55] [PID: 2980 / Administrator] C:\WINDOWS\msagent\AgentSvr.exe [Microsoft Corporation, 2.00.0.2202, C:1998-10-02 13:00 M:1998-10-02 13:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25] D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40] C:\WINDOWS\msagent\AgentDP2.dll [Microsoft Corporation, 2.00.0.2115, C:1998-09-15 17:51 M:1998-09-15 17:51] [PID: 3908 / Administrator] F:\助手\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-11-15 11:58 M:2008-11-15 11:58] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 
(xpsp_sp2_rtm.040803-2158), C:2002-01-03 05:31 M:2007-07-11 17:25]
D:\Program Files\360\360Safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1007, C:2009-02-13 23:40 M:2009-02-13 23:40]
F:\助手\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2007-11-28 15:19 M:2007-11-28 15:19]
========================================
文件关联
========================================
AutoRun.INF
========================================
Winsock提供者
========================================
HOSTS
127.0.0.1 localhost
[/CODE]